<?php
include_once './utils/conn.php';
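// NOTE(review): the wildcard lets a page on any origin read this API's responses.
// No session or token check is visible in this file before the save / update /
// query / delete actions, so consider pinning this header to the known front-end
// origin and adding an authentication check. Confirm against ./utils/conn.php
// and the deployment before changing it.
header("Access-Control-Allow-Origin: *");

// Login: POST action=login with username and password.
if (isset($_POST["action"]) && $_POST["action"] === "login") {
    // Missing fields default to "" so an incomplete request cannot write an
    // undefined-index notice into the JSON response body.
    $user = [
        "username" => isset($_POST["username"]) ? $_POST["username"] : "",
        "password" => isset($_POST["password"]) ? $_POST["password"] : ""
    ];
    login($conn, $user);
}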

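// Save: POST action=save with the seven student fields.
// NOTE(review): no authentication check is visible before this write.
if (isset($_POST["action"]) && $_POST["action"] === "save") {
    // Collect the request fields; a missing field becomes "" instead of
    // raising an undefined-index notice into the response.
    $student = [];
    foreach (["stu_no", "stu_name", "sex", "tel", "major", "class_name", "hobby"] as $field) {
        $student[$field] = isset($_POST[$field]) ? $_POST[$field] : "";
    }

    save($conn, $student);
}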

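// Update: POST action=update with the seven student fields; stu_no selects the row.
// NOTE(review): no authentication check is visible before this write.
if (isset($_POST["action"]) && $_POST["action"] === "update") {
    // Collect the request fields; a missing field becomes "" instead of
    // raising an undefined-index notice into the response.
    $student = [];
    foreach (["stu_no", "stu_name", "sex", "tel", "major", "class_name", "hobby"] as $field) {
        $student[$field] = isset($_POST[$field]) ? $_POST[$field] : "";
    }
    update($conn, $student);
}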

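// Query: POST action=query with a free-text search term.
if (isset($_POST["action"]) && $_POST["action"] === "query") {
    // A missing term becomes "", which the search treats as "match everything".
    $query = isset($_POST["query"]) ? $_POST["query"] : "";
    search($conn, $query);
}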

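// Delete: GET action=delete&stu_no=...
// NOTE(review): this removes data in response to a plain GET, and no
// authentication check is visible in this file. GET requests can be issued by
// links and prefetchers, so consider requiring POST plus an authenticated
// session; that needs a matching front-end change, so it is only flagged here.
if (isset($_GET["action"]) && $_GET["action"] === "delete") {
    // A missing stu_no becomes "" instead of raising an undefined-index notice.
    $stu_no = isset($_GET["stu_no"]) ? $_GET["stu_no"] : "";
    del($conn, $stu_no);
}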

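/**
 * Insert one student row and echo a JSON status object.
 *
 * The seven values come straight from the request body, so they are bound as
 * statement parameters rather than spliced into the SQL text.
 *
 * @param mysqli $conn    Open database connection.
 * @param array  $student Keys: stu_no, stu_name, sex, tel, major, class_name, hobby.
 * @return void Echoes {"code":1,...} on success and {"code":0,...} on failure.
 */
function save($conn, $student)
{
    $sql = "insert into student(stu_no,stu_name,sex,tel,major,class_name,hobby) values(?,?,?,?,?,?,?)";

    // The values used to be concatenated as text, so a missing/null field was
    // stored as ''. Cast to string to keep that instead of binding SQL NULL.
    $values = [];
    foreach (["stu_no", "stu_name", "sex", "tel", "major", "class_name", "hobby"] as $field) {
        $values[] = isset($student[$field]) ? (string) $student[$field] : "";
    }

    $ok = false;
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            "sssssss",
            $values[0],
            $values[1],
            $values[2],
            $values[3],
            $values[4],
            $values[5],
            $values[6]
        );
        $ok = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($ok) {
        echo json_encode(["code" => 1, "msg" => "数据保存成功"], JSON_UNESCAPED_UNICODE);
    } else {
        // Previously a failed insert produced an empty response body; report it
        // in the same shape the delete and update handlers use.
        echo json_encode(["code" => 0, "msg" => "数据保存失败"], JSON_UNESCAPED_UNICODE);
    }
}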
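/**
 * Delete the student row(s) with the given student number and echo a JSON status.
 *
 * $stu_no comes from the query string, so it is bound as a statement parameter
 * rather than concatenated into the SQL text.
 *
 * @param mysqli $conn   Open database connection.
 * @param mixed  $stu_no Student number taken from the request.
 * @return void Echoes {"code":1,...} when the statement ran (even if no row
 *              matched) and {"code":0,...} when it failed.
 */
function del($conn, $stu_no)
{
    // Keep the old text semantics: a null argument compared against ''.
    $key = (string) $stu_no;

    $ok = false;
    $stmt = mysqli_prepare($conn, "delete from student where stu_no=?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "s", $key);
        $ok = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($ok) {
        echo json_encode(["code" => 1, "msg" => "删除成功"], JSON_UNESCAPED_UNICODE);
    } else {
        echo json_encode(["code" => 0, "msg" => "删除失败"], JSON_UNESCAPED_UNICODE);
    }
}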



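/**
 * Overwrite the editable columns of the student row identified by stu_no and
 * echo a JSON status object.
 *
 * Every value originates in the request body, so all seven are bound as
 * statement parameters rather than concatenated into the SQL text.
 *
 * @param mysqli $conn    Open database connection.
 * @param array  $student Keys: stu_no, stu_name, sex, tel, major, class_name, hobby.
 * @return void Echoes {"code":1,...} when the statement ran (even if no row
 *              matched) and {"code":0,...} when it failed.
 */
function update($conn, $student)
{
    $sql = "update student set stu_name=?, sex=?, tel=?, major=?, class_name=?, hobby=? where stu_no=?";

    // Parameter order follows the placeholders: six columns, then the key.
    // Cast to string so a missing/null field is written as '' as it was when
    // the values were concatenated as text.
    $values = [];
    foreach (["stu_name", "sex", "tel", "major", "class_name", "hobby", "stu_no"] as $field) {
        $values[] = isset($student[$field]) ? (string) $student[$field] : "";
    }

    $ok = false;
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt) {
        mysqli_stmt_bind_param(
            $stmt,
            "sssssss",
            $values[0],
            $values[1],
            $values[2],
            $values[3],
            $values[4],
            $values[5],
            $values[6]
        );
        $ok = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }

    if ($ok) {
        echo json_encode(["code" => 1, "msg" => "update成功"], JSON_UNESCAPED_UNICODE);
    } else {
        echo json_encode(["code" => 0, "msg" => "update失败"], JSON_UNESCAPED_UNICODE);
    }
}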


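/**
 * Find students whose fields match a search term and echo them as JSON.
 *
 * stu_no, sex and tel are compared for equality; stu_name, major, class_name
 * and hobby are matched with LIKE '%term%'. The term comes from the request
 * body, so it is bound as a statement parameter rather than concatenated into
 * the SQL text. As before, '%' and '_' inside the term still act as LIKE
 * wildcards.
 *
 * @param mysqli $conn  Open database connection.
 * @param mixed  $query Search term taken from the request.
 * @return void Echoes {"code":1,"msg":...,"data":[rows]} on success and
 *              {"code":0,...,"data":[]} when the statement cannot be run.
 */
function search($conn, $query)
{
    $failure = json_encode(["code" => 0, "msg" => "数据查询失败", "data" => []], JSON_UNESCAPED_UNICODE);

    // "or" replaces the original "||", which only means OR while the server's
    // PIPES_AS_CONCAT mode is off.
    $sql = "select stu_no, stu_name, sex, tel, major, class_name, hobby from student"
        . " where stu_no=? or stu_name like ? or sex=? or major like ?"
        . " or class_name like ? or tel=? or hobby like ?";

    // A failed query used to reach mysqli_fetch_assoc() with a non-result;
    // answer with an explicit failure object instead.
    $stmt = mysqli_prepare($conn, $sql);
    if (!$stmt) {
        echo $failure;
        return;
    }

    $term = (string) $query;
    $pattern = "%" . $term . "%";
    mysqli_stmt_bind_param($stmt, "sssssss", $term, $pattern, $term, $pattern, $pattern, $term, $pattern);

    if (!mysqli_stmt_execute($stmt)) {
        mysqli_stmt_close($stmt);
        echo $failure;
        return;
    }

    mysqli_stmt_bind_result($stmt, $stu_no, $stu_name, $sex, $tel, $major, $class_name, $hobby);

    // Walk the result set and collect each row.
    $data = [];
    while (mysqli_stmt_fetch($stmt)) {
        $row = [
            "stu_no" => $stu_no,
            "stu_name" => $stu_name,
            "sex" => $sex,
            "tel" => $tel,
            "major" => $major,
            "class_name" => $class_name,
            "hobby" => $hobby
        ];
        // Prepared-statement results can come back as native ints/floats for
        // numeric columns; cast back to string so the JSON keeps the shape the
        // plain query produced. NULL stays null.
        foreach ($row as $column => $value) {
            if ($value !== null) {
                $row[$column] = (string) $value;
            }
        }
        $data[] = $row;
    }
    mysqli_stmt_close($stmt);

    echo json_encode(["code" => 1, "msg" => "数据查询成功", "data" => $data], JSON_UNESCAPED_UNICODE);
}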


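/**
 * Check a username/password pair against the login table and echo a JSON status.
 *
 * The username is request data and was previously concatenated into the WHERE
 * clause; both values are now bound as statement parameters. Any input that is
 * not a pair of strings, and any database failure, is reported as a failed
 * login (fail closed).
 *
 * NOTE(review): stored passwords are unsalted SHA-256 digests, which are fast
 * to guess offline if the table is ever disclosed. password_hash() /
 * password_verify() are the usual replacement, but that changes the stored
 * format, so the code that writes the table and the existing rows have to
 * migrate together. Left unchanged here.
 *
 * @param mysqli $conn Open database connection.
 * @param array  $user Keys: username, password (plaintext as submitted).
 * @return void Echoes {"code":1,...} on a match, {"code":0,...} otherwise.
 */
function login($conn, $user)
{
    $username = isset($user["username"]) ? $user["username"] : null;
    $plain = isset($user["password"]) ? $user["password"] : null;

    $count = 0;
    // Request parameters can arrive as arrays (e.g. password[]=...); hash()
    // only accepts strings, so anything else is rejected before the database
    // is touched.
    if (is_string($username) && is_string($plain)) {
        // Hash the submitted plaintext the same way the stored value was produced.
        $password = hash("sha256", $plain);

        $stmt = mysqli_prepare($conn, "select count(*) as count from login where username=? and password=?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "ss", $username, $password);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $matched);
                if (mysqli_stmt_fetch($stmt)) {
                    $count = (int) $matched;
                }
            }
            mysqli_stmt_close($stmt);
        }
    }

    if ($count > 0) {
        // Login succeeded.
        echo json_encode(["code" => 1, "msg" => "登陆成功", "data" => null], JSON_UNESCAPED_UNICODE);
    } else {
        // Login failed.
        echo json_encode(["code" => 0, "msg" => "登陆失败", "data" => null], JSON_UNESCAPED_UNICODE);
    }
}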

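/**
 * Create a login row for a new user and echo a JSON status object.
 *
 * Fixes two defects: the failure branch used to echo the success object
 * (code 1, "注册成功"), and the username was concatenated into the SQL text.
 * Both values are now bound as statement parameters, and a failed insert is
 * reported with code 0.
 *
 * NOTE(review): the password is stored as an unsalted SHA-256 digest, which is
 * fast to guess offline if the table is ever disclosed. password_hash() is the
 * usual replacement, but the code that verifies logins and the existing rows
 * would have to change with it. Left unchanged here.
 *
 * @param mysqli $conn Open database connection.
 * @param array  $user Keys: username, password (plaintext as submitted).
 * @return void Echoes {"code":1,...} on success, {"code":0,...} on failure.
 */
function register($conn, $user)
{
    $username = isset($user["username"]) ? $user["username"] : null;
    $plain = isset($user["password"]) ? $user["password"] : null;

    $ok = false;
    // hash() only accepts strings; reject array-valued or missing fields
    // before touching the database.
    if (is_string($username) && is_string($plain)) {
        $password = hash('sha256', $plain);

        // Column list is left implicit, as in the original statement.
        $stmt = mysqli_prepare($conn, "insert into login values(?,?)");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "ss", $username, $password);
            $ok = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    }

    if ($ok) {
        echo json_encode(["code" => 1, "msg" => "注册成功", "data" => null], JSON_UNESCAPED_UNICODE);
    } else {
        echo json_encode(["code" => 0, "msg" => "注册失败", "data" => null], JSON_UNESCAPED_UNICODE);
    }
}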
